158 matches found
CVE-2026-49002 Broken Access Control Vulnerabily in ZTE ZXUniPOS NDS-LTE product
Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information...
CVE-2026-49002
CVE-2026-49002 affects ZTE’s ZXUniPOS NDS-LTE product. The issue is a broken access control in the application that allows unauthorized users to access data beyond their permissions (e.g., viewing/modifying configuration information). CVSS metrics indicate a high-severity, network-exploitable fla...
CVE-2026-49001 Cross-Site Request Forgery (CSRF) vulnerability in ZTE ZXUniPOS NDS-LTE product
Cross-site request forgery CSRF vulnerabilities allow attackers to exploit a user's authenticated session to forge cross-site requests, inducing the execution of unintended operations such as tampering with configuration data...
CVE-2026-49001 Cross-Site Request Forgery (CSRF) vulnerability in ZTE ZXUniPOS NDS-LTE product
Cross-site request forgery CSRF vulnerabilities allow attackers to exploit a user's authenticated session to forge cross-site requests, inducing the execution of unintended operations such as tampering with configuration data...
CVE-2026-49001
CVE-2026-49001 describes a CSRF vulnerability in the ZTE ZXUniPOS NDS-LTE product. The vulnerability allows an attacker to abuse a user’s authenticated session to forge unwanted requests, potentially tampering configuration data. According to the metrics, the exploit would have Network attack vec...
CVE-2026-49000
Technical details (affected products, components, versions, exploit info) are not publicly available in the provided documents. Monitor for updates from NVD, the CVE List, and vendors.
CVE-2026-48999
CVE-2026-48999 affects the ZTE ZXUniPOS NDS-LTE product. It is a Stored Cross-Site Scripting (XSS) vulnerability where attacker-supplied scripts are stored and executed in a user’s browser when loading affected pages. Impacts stated include cookie theft, session hijacking, and page content tamper...
ZTE ZXUniPOS NDS-LTE 安全漏洞
ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has a security vulnerability. This vulnerability arises from attackers carefully constructing malicious scripts and injecting them into target systems. When other users access pages...
ZTE ZXUniPOS NDS-LTE 安全漏洞
ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has security vulnerabilities, which stem from unsafe password schemes. These include improper selection of encryption algorithms, inadequate key management, or defects in code...
ZTE ZXUniPOS NDS-LTE 安全漏洞
ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has a security vulnerability. This vulnerability stems from cross-site request forgery, which allows attackers to forge cross-site requests using authenticated user sessions, thereb...
CVE-2026-44410 Function Abusement Vulnerability in ZTE ZXUniPOS NDS-LTE
This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...
CVE-2026-44410 Function Abusement Vulnerability in ZTE ZXUniPOS NDS-LTE
This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...
CVE-2026-44410
Technical details for CVE-2026-44410 are not publicly available in the provided documents. Monitor for updates from the vendor and CVE records for any concrete impact, affected components, or remediation.
ZTE ZXUniPOS NDS-LTE 安全漏洞
ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has a security vulnerability, which stems from business logic defects. Attackers can exploit the features of legitimate applications in an unintended and abnormal manner to carry ou...
Wireshark 1.12.x < 1.12.13 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 1.12.13. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.12.13 advisory. - The NDS dissector could crash. It may be possible to make Wireshark crash by injecting a malformed...
SUSE CVE-2009-0895
Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow...
CVE-2020-7006
Systech Corporation NDS-5000 Terminal Server, NDS/5008 8 Port, RJ45, firmware Version 02D.30. Successful exploitation of this vulnerability could allow information disclosure, limit system availability, and may allow remote code execution...
EUVD-1999-1509
Malware in sbrugna...
EUVD-2008-5073
Malware in sbrugna...
EUVD-2016-9985
Malware in sbrugna...